CVE-2014-6236

Опубликовано: 11 сент. 2014

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Unspecified vulnerability in the LumoNet PHP Include (lumophpinclude) extension before 1.2.1 for TYPO3 allows remote attackers to execute arbitrary scripts via vectors related to extension links.

Ссылки

http://secunia.com/advisories/60873
http://typo3.org/extensions/repository/view/lumophpinclude
Patch
http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-010
Patch
Vendor Advisory
http://www.securityfocus.com/bid/69569
https://exchange.xforce.ibmcloud.com/vulnerabilities/95707
http://secunia.com/advisories/60873
http://typo3.org/extensions/repository/view/lumophpinclude
Patch
http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-010
Patch
Vendor Advisory
http://www.securityfocus.com/bid/69569
https://exchange.xforce.ibmcloud.com/vulnerabilities/95707

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:lumonet_php_include_project:lumonet_php_include:1.2.0:*:*:*:*:typo3:*:*

EPSS

Процентиль: 83%

0.01957

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-62g9-g8r7-w36p

github

больше 3 лет назад